update-source-schema | SailPoint Developer Community

Update Source Schema (Partial)

Use this API to selectively update an existing Schema using a JSONPatch payload.

The following schema fields are immutable and cannot be updated:

id
name
created
modified

To switch an account attribute to a group entitlement, you need to have the following in place:

isEntitlement: true
Must define a schema for the group and add it to the source before updating the isGroup flag. For example, here is the group account attribute referencing a schema that defines the group:

{
    "name": "groups",
    "type": "STRING",
    "schema": {
        "type": "CONNECTOR_SCHEMA",
        "id": "2c9180887671ff8c01767b4671fc7d60",
        "name": "group"
    },
    "description": "The groups, roles etc. that reference account group objects",
    "isMulti": true,
    "isEntitlement": true,
    "isGroup": true
}

Path Parameters

sourceId string required
The Source id.
Example: 2c9180835d191a86015d28455b4a2329
schemaId string required
The Schema id.
Example: 2c9180835d191a86015d28455b4a2329

application/json-patch+json

Request Body array required

The JSONPatch payload used to update the schema.

op string required
Possible values: [add, remove, replace, move, copy, test]
The operation to be performed
path string required
A string JSON Pointer representing the target path to an element to be affected by the operation
value object
The value to be used for the operation, required for "add" and "replace" operations
anyOf
MOD1
MOD2
MOD4
string

Responses

The Schema was successfully updated.

application/json

Schema
Example (from schema)

Schema

id string
The id of the Schema.
name string
The name of the Schema.
nativeObjectType string
The name of the object type on the native system that the schema represents.
identityAttribute string
The name of the attribute used to calculate the unique identifier for an object in the schema.
displayAttribute string
The name of the attribute used to calculate the display value for an object in the schema.
hierarchyAttribute string
The name of the attribute whose values represent other objects in a hierarchy. Only relevant to group schemas.
includePermissions boolean
Flag indicating whether or not the include permissions with the object data when aggregating the schema.
features string[]
Possible values: [AUTHENTICATE, COMPOSITE, DIRECT_PERMISSIONS, DISCOVER_SCHEMA, ENABLE, MANAGER_LOOKUP, NO_RANDOM_ACCESS, PROXY, SEARCH, TEMPLATE, UNLOCK, UNSTRUCTURED_TARGETS, SHAREPOINT_TARGET, PROVISIONING, GROUP_PROVISIONING, SYNC_PROVISIONING, PASSWORD, CURRENT_PASSWORD, ACCOUNT_ONLY_REQUEST, ADDITIONAL_ACCOUNT_REQUEST, NO_AGGREGATION, GROUPS_HAVE_MEMBERS, NO_PERMISSIONS_PROVISIONING, NO_GROUP_PERMISSIONS_PROVISIONING, NO_UNSTRUCTURED_TARGETS_PROVISIONING, NO_DIRECT_PERMISSIONS_PROVISIONING]
The features that the schema supports.
configuration object
Holds any extra configuration data that the schema may require.
attributes object[]
The attribute definitions which form the schema.
name string
The name of the attribute.
type string
Possible values: [STRING, LONG, INT, BOOLEAN]
The underlying type of the value which an AttributeDefinition represents.
schema object
A reference to the schema on the source to the attribute values map to.
type string
Possible values: [CONNECTOR_SCHEMA]
The type of object being referenced
id string
The object ID this reference applies to.
name string
The human-readable display name of the object.
description string
A human-readable description of the attribute.
isMulti boolean
Flag indicating whether or not the attribute is multi-valued.
isEntitlement boolean
Flag indicating whether or not the attribute is an entitlement.
isGroup boolean
Flag indicating whether or not the attribute represents a group. This can only be true if isEntitlement is also true and there is a schema defined for the attribute..
created date-time
The date the Schema was created.
modified date-time
The date the Schema was last modified.

{
  "id": "2c9180835d191a86015d28455b4a2329",
  "name": "account",
  "nativeObjectType": "User",
  "identityAttribute": "sAMAccountName",
  "displayAttribute": "distinguishedName",
  "hierarchyAttribute": "memberOf",
  "includePermissions": false,
  "features": [
    "PROVISIONING",
    "NO_PERMISSIONS_PROVISIONING",
    "GROUPS_HAVE_MEMBERS"
  ],
  "configuration": {
    "groupMemberAttribute": "member"
  },
  "attributes": [
    {
      "name": "sAMAccountName",
      "type": "STRING",
      "isMultiValued": false,
      "isEntitlement": false,
      "isGroup": false
    },
    {
      "name": "memberOf",
      "type": "STRING",
      "schema": {
        "type": "CONNECTOR_SCHEMA",
        "id": "2c9180887671ff8c01767b4671fc7d60",
        "name": "group"
      },
      "description": "Group membership",
      "isMultiValued": true,
      "isEntitlement": true,
      "isGroup": true
    }
  ],
  "created": "2019-12-24T22:32:58.104Z",
  "modified": "2019-12-31T20:22:28.104Z"
}

Client Error - Returned if the request body is invalid.

application/json

Schema
Example (from schema)

Schema

detailCode string
Fine-grained error code providing more detail of the error.
trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.

application/json

Schema
Example (from schema)

Schema

error
A message describing the error

{
  "error": "JWT validation failed: JWT is expired"
}

Forbidden - Returned if the user you are running as, doesn't have access to this end-point.

application/json

Schema
Example (from schema)
403

Schema

detailCode string
Fine-grained error code providing more detail of the error.
trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 403 response object

{
  "detailCode": "403 Forbidden",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server understood the request but refuses to authorize it."
    }
  ]
}

Not Found - returned if the request URL refers to a resource or object that does not exist

application/json

Schema
Example (from schema)
404

Schema

detailCode string
Fine-grained error code providing more detail of the error.
trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 404 response object

{
  "detailCode": "404 Not found",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The server did not find a current representation for the target resource."
    }
  ]
}

Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.

application/json

Schema
Example (from schema)

Schema

message
A message describing the error

{
  "message": " Rate Limit Exceeded "
}

Internal Server Error - Returned if there is an unexpected error.

application/json

Schema
Example (from schema)
500

Schema

detailCode string
Fine-grained error code providing more detail of the error.
trackingId string
Unique tracking id for the error.
messages object[]
Generic localized reason for error
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.
causes object[]
Plain-text descriptive reasons to provide additional detail to the text provided in the messages field
locale string
The locale for the message text, a BCP 47 language tag.
localeOrigin string
Possible values: [DEFAULT, REQUEST]
An indicator of how the locale was selected. DEFAULT means the locale is the system default. REQUEST means the locale was selected from the request context (i.e., best match based on the Accept-Language header). Additional values may be added in the future without notice.
text string
Actual text of the error message in the indicated locale.

{
  "detailCode": "400.1 Bad Request Content",
  "trackingId": "e7eab60924f64aa284175b9fa3309599",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ],
  "causes": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "The request was syntactically correct but its content is semantically invalid."
    }
  ]
}

An example of a 500 response object

{
  "detailCode": "500.0 Internal Fault",
  "trackingId": "b21b1f7ce4da4d639f2c62a57171b427",
  "messages": [
    {
      "locale": "en-US",
      "localeOrigin": "DEFAULT",
      "text": "An internal fault occurred."
    }
  ]
}

Update Source Schema (Partial)​

Update Source Schema (Partial)